When connecting FreeRADIUS or ntlm_auth to winbind, you may need to know where winbind’s privileged pipe is so that the file permissions are set correctly. This is sometimes obvious, but may not be (e.g. if you’ve compiled Samba yourself and installed it in a non-standard location).

The following hack (which works on winbind 3.6 to 4.2 at least) will query winbind and ask it where the privileged pipe is.

    $ perl -e 'print "\x30\x08\0\0\x2f".("\0"x2091)'|socat - UNIX-CONNECT:/tmp/.winbindd/pipe|strings|grep '/'
    /var/run/samba/winbindd_privileged
    $

Then you just need to know where the unprivileged pipe is, which is probably not /tmp/.winbindd/pipe if you installed in a non-standard location. 🙂

Note this hack is only semi-serious…

Leave a Reply

Your email address will not be published.